Resources
Compliance Process
A general approach for how to think about and tackle open source license compliance.
Developer FAQ
Addresses many questions relating to open source compliance.
Compliance Dictionary
Defines terms that you’ll encounter as you dive deeper into open source compliance.
Basics for Developers
Free training course goes much deeper into open source compliance matters.
Projects
Deep dive into compliance matters specific to open source project development.
Organizations
Deep dive into compliance matters specific to organizations who use open source.
Standards Used In Compliance
OpenChain is the ISO/IEC International Standard for Open Source Compliance. It allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. This is an open standard and all parties are welcome to engage with our community, to share their knowledge, and to contribute to the future of our standard.Find out more on the OpenChain homepage.
SPDX, the Software Package Data Exchange project, is developing ways for humans and machines to communicate software composition information, including security vulnerabilities, licenses, copyrights and more. Check out and join us in developing:
Open Tooling Used In Compliance
FOSSology
And so many, many more. You can start exploring all the options through the OpenChain Reference Tooling Work Group, which created a dedicated site.